Hello Everyone,

i have a weird issue happening in my MIM portal implementation

i have 2 types of users, that i differentiate with the domain attribute.

so user 1 is domain 1 and belongs to set 1 and user 2 is domain 2 and belongs to SET 2

i created a set for each of those users based on the domaine Criteria then i configured 2 MPRs, the requestor for MPR 1 is all people and the  target ressource before and after  is set 1

the same goes for the MPR 2 with SET 2

for some reason they are crossing over, MPR 1 seems to apply to User 2....

any help would be much aprpeciated

Hitch Bardawil

Hi everyone

Need your help !!!

In my case,

A connector with an capability as export type attribute for the multi-valued attributes.

Is there is a way to get the unchanged attribute values of object with above definition or else with out losing the value modification type property values

Hi Guys,

I am having issue with my FIM 2010 Security code email. When i enter the user ID i got the following message:

"Unable to send email message to user within the allocated time. Verify connectivity to Exchange or SMTP email service, and verify that the timeout period for sending messages is sufficiently long for your environment"

I have not made any changes in the FIM configuration and the config file still has the same entries:

    <add key="mailServer" value="https://excchange.company.com/ews/exchange.asmx" />
    <add key="isExchange" value="1" />
    <add key="sendAsAddress" value="FIMService@company.com" />
    <add key="synchronizationServerName" value="FIMSERVER1.COMPANY.COM" />

It has been working fine for many years and the only thing is that the account being used as a service and email delivery "fimservice@company.com" is migrated to Office 365 but my on-premsiss email server "excchange.company.com"is still up and running and I doubt if this casued teh issue.

Your help will be highly appreciated.

Sarwar

What is TechNet Guru Competition?

Each month the TechNet Wiki council organizes a contest of the best articles posted that month. This is your chance to be announced as MICROSOFT TECHNOLOGY GURU OF THE MONTH!

One winner in each category will be selected each month for glory and adoration by the MSDN/TechNet Ninjas and community as a whole. Winners will be announced in dedicated blog post that will be published in Microsoft Wiki Ninjas blog, a tweet from the Wiki Ninjas Twitter account, links will be published at Microsoft TNWiki group on Facebook, and other acknowledgement from the community will follow.

Some of our biggest community voices and many MVPs have passed through these halls on their way to fame and fortune.

If you have already made a contribution in the forums or gallery or you published a nice blog, then you can simply convert it into a shared wiki article, reference the original post, and register the article for the TechNet Guru Competition. The articles must be written in May 2019 and must be in English. However, the original blog or forum content can be from beforeMay 2019.

Come and see who is making waves in all your favorite technologies. Maybe it will be you!

Who can join the Competition?

Anyone who has basic knowledge and the desire to share the knowledge is welcome. Articles can appeal to beginners or discusse advanced topics. All you have to do is to add your article to TechNet Wiki from your own specialty category.

How can you win?

1. Please copy/Write over your Microsoft technical solutions and revelations to TechNetWiki.
2. Add a link to your new article on THIS WIKI COMPETITION PAGE (so we know you've contributed)
3. (Optional but recommended) Add a link to your article at the TechNetWiki group on Facebook. The group is very active and people love to help, you can get feedback and even direct improvements in the article before the contest starts.

Do you have any question or want more information?

Feel free to ask any questions below, or Join us at the official MicrosoftTechNet Wiki groups on facebook. Read More about TechNet Guru Awards.

If you win, people will sing your praises online and your name will be raised as Guru of the Month.

Hi FIM Team,

I have requirement to Implement the custom connector for SAP ODATA Base API Integration with MIM.

for this I have JSON and xmL format. and I have to pull the data to a SqL Server Table or directly a Connector in MIM.

What would be the best and Easy option for me to Implement the same and Please do provide me any Solution how to Implement.

Thanks - srinivas

hi Experts,

I would need to enable a functionality to search for a member in Group RCDC, Members Tab.

It has the UocListView fro ExplicitMember.

Can I use showSearchControl to show the searchbox and searchscope in the RCDC?

I did tried updating this property, but not succeeded.

Thanks and Regards, Siva Kumar Balaguru

Hi, I am a complete FIM newbie and I have just installed the FIM sync engine into our lab.

I am trying to configure FIM as a basic DirSynch between two AD domain, so when a user gets created in AD1 I would like FIM to pick the user up and create a duplicate in AD2.

I have created a AD MA to AD1 and I have managed to pull a few test users into FIM (I can see them in the connector space), now how do I export them to AD2? I thought it would be just a case of creating a MA to AD2 and set the flow to export but reading on some web pages I think I will need to install the FIM service and create a FIM Service MA.

Any help gratefully received!

David

Having a bit of trouble with the password portals.

I've got users flowing into the portal from AD and an SQL database. The password registration portal is working fine, the reset portal asks me to answer my security questions then prompts me to enter a new password. When I enter a new password I receive:

An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. 
(Error 3000)

Checking the event logs there are three errors:

The web portal received a fault error from the FIM service.
Details:
Microsoft.ResourceManagement.WebServices.Faults.ServiceFaultException: DataRequiredFaultReason
   at Microsoft.ResourceManagement.WebServices.ResourceFactoryClient.Create(Message request)
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.InteractWithPasswordResetActivity(SecureString newPassword, String activityEndpoint, String workflowInstanceId, ContextualSecurityToken sessionSecurityToken)
Web Portal: FIM Password Reset Portal
Session Id: xyfb1tjb0w1suqa0ikqdhp45
IP Address: ::1

Microsoft.IdentityManagement.CredentialManagement.Portal: System.Web.HttpUnhandledException: ScriptManager_AsyncPostBackError ---> System.InvalidProgramException: Error while performing the password reset operation: PWUnrecoverableError
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Reset.AttemptToResetPassword()
   at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Site.ScriptManager_AsyncPostBackError(Object sender, AsyncPostBackErrorEventArgs eventArgs)
   at System.Web.UI.ScriptManager.OnAsyncPostBackError(AsyncPostBackErrorEventArgs e)
   at System.Web.UI.PageRequestManager.OnPageError(Object sender, EventArgs e)
   at System.Web.UI.TemplateControl.OnError(EventArgs e)
   at System.Web.UI.Page.HandleError(Exception e)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at ASP.default_aspx.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

The error page was displayed to the user.
Details:
Title: Error
Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000)
Source: 
Attributes: 
Details: System.InvalidProgramException: Error while performing the password reset operation: PWUnrecoverableError
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Reset.AttemptToResetPassword()
   at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
CorrelationId: 
RequestId: 
ErrorCode: 3000
CaughtTime: 01/22/2013 13:06:33

Web Portal: FIM Password Reset Portal
Session Id: xyfb1tjb0w1suqa0ikqdhp45
IP Address: ::1

I've tried looking at existing suggestions for such a problem but nothing seems to have worked! Any clues? 

Thanks.

Hai Guys, I am new to this IAM and I don't know much things about IAM and I am learning on it.

I am facing one issue with FIM ECMA 2.0 debugging, I have imported the data from Sales Force application to Metaverse through ECMA 2.0.I am trying to do the debug to know the data flow but I didn't.

It would be great if you guys suggest me the path and links that would help me to achieve it.

Thanks in Advance.

Regards,

Mano K

Hi,

I inherited a FIM solution with custom code on the mentioned interfaces.

I see csentry("xyz") being set on both extensions. When does each one runs?

Is IMVSynchronization.Provision used only for first time provisioning of the resource?

Thanks,

JD

Hi,

I have a FIM solution with several Rules extensions.

On each Visual Studio project properties the "target .net version" is not allways the same. Some are .net 2.0 others .net 3.5 and others .net 4.0

I understand this implies the targetting of 2 diferent CLR versions (V2.0 and V4.0) 

Should I care to normalize the target .net version on each project?

What is latest .net version I can compile to and that is  suported by FIM 2010 R2?

Thanks,

JD

Hi,

In this moment I have a Server that have Windows 2016 Standard and the MIIS 2016 working correctly, I only have installed the Sync service and use the Sync Service Manager.

After I upgrade in-place to Windows 2019 the service not start. I run the miiskmu.exe and execute the option Abandon key set...and after that the service is started but the console not work.

I need to know if there is a new version or if MIIS 2016 is supported on Windows 2019.

I try to search some information about MIIS and support for Windows 2019 and I not found anything.

I wait your comments and help.

Thanks and regards,

Roque.

Our old network server data was migrated to a new server, new location over the weekend. I have a customized reporting database which has been used for a dozen years and now has stopped access to doing coding after migration.

Error messages read the following;

Database has been placed in a state by user admin that prevents it from being opened or locked

next message;

Microsoft Access is unable to read the VBA modules of this database and cannot recover the modules because the file is read only.  To recover the VBA modules, close the database and make a backup copy of the database.  Then open the database with read/write permission.

Third message;

The VBA modules in this database  appear to have been saved with errors.  Access can recover the modules but you should back up the database first. 

Computer services migraged all of these drives using "delta sync" and I am not familiar with what precautions/allowances should be made for MS Access Databases.

Thanks in advance.

Hello all.

I'm using the Generic Rest MA to import objets coming from a Rest WS. One of the attribute of my object is an ID which represent the ID of the parent object. They organizational units so the attribute is parentEntityId. So what I want is that during the import, I want to generate a reference attribute in the CS to import it into the MV as as reference.

The issue is that the value I try to process (the ID) is a string and I don't know how to change it into a reference. I've tried many things but what I undestrand is that from the ECMA code of the Generic Rest MA source code, I cannot acces my MA to do something like ma.CreateDN. I've defined my attribute as a reference in CS schema (GetSchema) but obviouly when I do the import I've invalid-attribute-value error because in fact the value I get when calling the rest WS is a string.

Do someone know how to instantiate a ReferenceValue from a string ?

Is there any known trick to import attribute as reference in ECMA ?

Regards.

Hi,

Any info on creating FIM extension rules unit test and using syncParams paramemeters on the tests?

what about mock samples?

Many thanks,

JD

Hello Everyone,

I am working on develoving a call based ECMA for our FIM environment to communicate with our Emergency Alert Notification System. However I am having trouble finding sample code or documentation around the Call Based functionality of ECMA when using an API. I found this link but it deals with connecting to a SQL DB. Would anyone be willing to share some sample code around Call Based/API ECMAs?

I'm getting a deadlock error for groups when running an export on the FIM MA.  Or MIM MA or whatever it's called now.  I set up the required attribute flows and sync rules (after having some failures around not having group type and scope flowed).  And enabled the group sync MPRs.  I haven't had group provisioning working in this instance yet. It is provisioning projected AD users to an LDAP server though, so I've got that going for me.

This is on version 4.5.286.0.  Can anyone offer suggestions?

Fault Reason: The endpoint could not dispatch the request.\r\n\r\nFault Details: &lt;DispatchRequestFailures xmlns="http://schemas.microsoft.com/2006/11/ResourceManagement" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"&gt;&lt;DispatchRequestAdministratorDetails&gt;&lt;FailureMessage&gt;Exception: Other
Stack Trace: Microsoft.ResourceManagement.WebServices.Exceptions.UnwillingToPerformException: Other ---&amp;gt; System.Data.SqlClient.SqlException: Reraised Error 50000, Level 13, State 1, Procedure ReRaiseException, Line 37, Message: Reraised Error 50000, Level 13, State 1, Procedure ReRaiseException, Line 37, Message: Reraised Error 1205, Level 13, State 51, Procedure GenerateRequestOutput, Line 2147, Message: Transaction (Process ID 325) was deadlocked on lock resources with another process and has been chosen as the deadlock victim. Rerun the transaction.

Hi,

I am facing an issue with the password reset portal. User is successfully able to register on password register portal. Then on password reset portal, it successfully verifies the answers of the security questions, and then prompts for a new password. But when user enters the new password and clicks on next, it gives an error: "An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000)" Can anyone guide me on this as I have searched different forums on internet, followed different guides but all in vain. 

We are having a 2-tier architecture: FIM Portal (FIM Service) and Password Portals are running on one machine, and FIM Sync (Synchronization Server) is running on another machine. 

When I check event logs of both machines, I get one error event on FIM Sync machine and4 error events on FIM Service machine.

Below is the error on FIM Sycn Machine:

The server encountered an unexpected error while performing an operation for the client.
"BAIL: MMS(5084): ..\server.cpp(8094): 0x80070005 (Access is denied.)
Forefront Identity Manager 4.4.1302.0"

Below are the four errors on FIM Service machine:

System.Management: System.Management.ManagementException: Access denied 
   at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
   at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
   at Microsoft.ResourceManagement.PasswordReset.ResetPassword.ResetPasswordHelper(String domainName, String userName, String newPasswordText)

The web portal received a fault error from the FIM service.
Details:
Microsoft.ResourceManagement.WebServices.Faults.ServiceFaultException: DataRequiredFaultReason
   at Microsoft.ResourceManagement.WebServices.ResourceFactoryClient.Create(Message request)
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.InteractWithPasswordResetActivity(SecureString newPassword, String activityEndpoint, String workflowInstanceId, ContextualSecurityToken sessionSecurityToken)
Web Portal: FIM Password Reset Portal
Session Id: j0mz1245ydyzf055iokgjw55
IP Address: 10.98.0.15

Microsoft.IdentityManagement.CredentialManagement.Portal: System.Web.HttpUnhandledException: ScriptManager_AsyncPostBackError ---> System.InvalidProgramException: Error while performing the password reset operation: PWUnrecoverableError
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Reset.AttemptToResetPassword()
   at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Site.ScriptManager_AsyncPostBackError(Object sender, AsyncPostBackErrorEventArgs eventArgs)
   at System.Web.UI.ScriptManager.OnAsyncPostBackError(AsyncPostBackErrorEventArgs e)
   at System.Web.UI.PageRequestManager.OnPageError(Object sender, EventArgs e)
   at System.Web.UI.TemplateControl.OnError(EventArgs e)
   at System.Web.UI.Page.HandleError(Exception e)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
   at System.Web.UI.Page.ProcessRequest()
   at System.Web.UI.Page.ProcessRequest(HttpContext context)
   at ASP.default_aspx.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

The error page was displayed to the user.
Details:
Title: Error
Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000)
Source: 
Attributes: 
Details: System.InvalidProgramException: Error while performing the password reset operation: PWUnrecoverableError
   at Microsoft.IdentityManagement.CredentialManagement.Portal.Reset.AttemptToResetPassword()
   at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
   at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
CorrelationId: 
RequestId: 
ErrorCode: 3000
CaughtTime: 05/09/2019 12:35:44

Web Portal: FIM Password Reset Portal
Session Id: j0mz1245ydyzf055iokgjw55
IP Address: 10.98.0.15

F.